summaryrefslogtreecommitdiffstats
path: root/ignored/CVE-2009-file-permission-bypass
blob: a96a2b0112aa8dab0902c743ce31bb0386977c35 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Candidate:
Description:
 file permissions can be circumvented via information in /proc
References:
 http://securityfocus.com/archive/1/507386/30/30/threaded
 http://lwn.net/Articles/359219
Notes:
 from discussion on bugtraq, it appears that this problem is exposed because of
 some debian-specific patches (upstream is not affected).  at this point, i am
 noting the issue because there appears to be something to it, but i have not
 studied it in detail nor verified any claims.
 .
 dannf> I don't see anything debian-specific about it. I can reproduce on 2.6.32
        and RHEL5.
Bugs:
upstream: ignored "no upstream fix"
linux-2.6: ignored "no upstream fix"
2.6.18-etch-security: ignored "no upstream fix"
2.6.24-etch-security: ignored "no upstream fix"
2.6.26-lenny-security: ignored "no upstream fix"

© 2014-2024 Faster IT GmbH | imprint | privacy policy